basic 12

I've figured out that the .hd file is not in the same directory as .hs which means it is vulnerable to me seeing it. I've tried viewing it by injecting it's location into ?page= in url, but i don't belive this is the correct way. someone in a previous post mentioned a program/method that allows you to see all… i'm a bit confused. i know i must access .h******d but i do not know how?

[quote]paintballa_4life2005 wrote: someone in a previous post mentioned a program/method that allows you to see all… /quote] Forget about that. First read all forum posts ,then read about .htaccess and what is protecting. And last it doesn't always has to be ht .

i've read up on .htaccess and i know what it protects, it protects folder or directory which it is inside, and all sub-directories or sub-folders. If .htd is outside the .htaccess folder, then we can see the contents of .htd. How do you mean it doesn't have to be ht? that's what the server is set to look for isnt it? so how could it be named something else?

the server looks for what is in the access file so the file that you need is in the access file ;)

I don't know how to say it different without spoiler. You can PM me. And about ht it doesn't has to be .ht**** but it can also be .****

i got it finally, can i crack it with cain and abel or do i need to use jtr?

JTR. See other basic 12 topic.

what format do i use for the password file when cracking with jtr?

username:password

is this correct?

just copy that to pass.txt in jtr folder (all-:) and type john-mmx pass.txt.

cool thanks, thats what I did and it's still workin.

What method does JTR use to crack passwords?

jtr has been running for half hour now and still nothing, is this normal?

paintballa_4life2005 wrote: jtr has been running for half hour now and still nothing, is this normal? im think as most brute forcing does take a long time mines bin runing for just a bit more then that… i wanna really wanna do this challenge before i go bed aswell

lol:D I cracked it in 2 seconds with jtr 1.7.

cesnjak wrote: lol:D I cracked it in 2 seconds with jtr 1.7. lol same when i relised the other way of doing it…

yeah just for anyone readin this use a word list rather than brute force. And be sure not to open the wordlist file in your browser window like i did on accident, right click and save

LOL finally some help with using jtr and yeah sorry for confusing you topic starter about where to start on this challenge i was able to figure out jtr though thanx everyone